v0.76.1 — HU handshake response verification

@dzerik dzerik released this 28 May 06:45
· 54 commits to main since this release
99d3fd5

PR A from the protocol-verification plan. Zero hardware-risk; pure validation tightening.

Fixed

  • HU handshake response is now validated end-to-end. The response handler now requires the 8-byte response to:

    • have payload[0:4] echo the random seed we sent
    • have payload[6:8] equal hu_verifier(payload[0:6]) (re-derived from our brand's HU table)

    Any mismatch is logged at WARNING and the handshake fails fast — _key_prefix stays None and _handshake_done is set so perform_handshake returns False immediately instead of hanging until the frame-timeout.

    Previously the handler trusted whatever the machine sent: a corrupted / mismatched response would silently install a junk session key, and every subsequent RC4-encrypted frame would decrypt to gibberish with no obvious log entry pointing back at the handshake.
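The two checks and the "event set on reject" contract described above, as an added sketch that is not the project's own code. Assumptions: `hu_verifier` here is a stand-in because the brand HU table is not shown in these notes, `Handshake` and `build_response` are hypothetical names, and keeping `payload[4:6]` as the key prefix is a guess made only so the example has something to store.

```python
import hmac
import logging
import threading

log = logging.getLogger("hu_handshake_example")

def hu_verifier(data: bytes) -> bytes:
    # Stand-in (assumption): the real function uses the brand's HU table,
    # which the release notes do not show. Any 6-byte -> 2-byte map works here.
    acc = 0
    for b in data:
        acc = (acc * 31 + b) & 0xFFFF
    return acc.to_bytes(2, "big")

def build_response(seed: bytes, mid: bytes) -> bytes:
    # Constructed sample input: a well-formed 8-byte response for `seed`.
    body = seed + mid
    return body + hu_verifier(body)

class Handshake:
    def __init__(self, seed: bytes):
        self.seed = seed                       # 4 random bytes we sent
        self._key_prefix = None
        self._handshake_done = threading.Event()

    def on_response(self, payload: bytes) -> bool:
        reason = None
        if len(payload) != 8:
            reason = f"length {len(payload)} != 8"
        elif not hmac.compare_digest(payload[0:4], self.seed):
            reason = "payload[0:4] does not echo our seed"
        elif not hmac.compare_digest(payload[6:8], hu_verifier(payload[0:6])):
            reason = "payload[6:8] != hu_verifier(payload[0:6])"
        if reason is None:
            # Assumption: which bytes form the key prefix is not stated.
            self._key_prefix = payload[4:6]
        else:
            log.warning("HU handshake rejected: %s", reason)
        # Set the event on accept AND reject so the waiter never hangs.
        self._handshake_done.set()
        return reason is None

    def perform_handshake(self, timeout: float = 2.0) -> bool:
        # Sending the seed is omitted; this only shows the wait/verdict side.
        if not self._handshake_done.wait(timeout):
            return False                       # frame timeout: no response
        return self._key_prefix is not None
```

A rejected response leaves `_key_prefix` as `None` while still setting the event, so the caller gets `False` at once and no session key is derived from unverified bytes.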

Tests

  • 4 new tests in tests/test_protocol.py::TestHandshakeResponseVerification covering happy path + 3 reject paths.
  • Existing handshake tests updated for the new "event set on reject" contract.
  • 956 passed (was 952 on v0.76.0).

🤖 Generated with Claude Code